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Chapter 3: Volume Organization 



The documentation suite for the Blue Coat ProxySG Configuration and Management Guide 
is composed of 12 volumes, which includes the Blue Coat ProxySG Content Policy 
Language Guide (Volume 11) and Blue Coat ProxySG Command Line Reference (Volume 12). 

The Blue Coat ProxySG Configuration and Management Guide has been divided into 
separate volumes to improve accessibility and readability, and to allow like topics to be 
discussed more thoroughly For example, the proxies chapter has been converted to 
Volume 3: Proxies and Proxy Services, and each proxy has its own chapter. This allows a 
solutions-based discussion for each proxy. 

Nearly every volume contains a glossary. Volume 22: ProxySG Content Policy Language 
Guide has a separate, CPL-specific glossary. Volume 12: ProxySG Command Line Reference 
has no glossary. 



Table 3-1 . Volume Organization 



Volume Title 


Description 


Volume 1: Introduction to the ProxySG 


Volume 1 contains the table of contents for the entire 
documentation suite. It also contains a task list of 
pointers to locations for common tasks. 


Volume 2: Getting Started 


Contained in this book is everything you need to get 

started: 

• how to log in to the ProxySG CLI and Web-based 
Management Console 

• how to change the administrator username, 
password, and privileged-mode password;. 

• licensing 

• how to set the ProxySG name and system time, 
configure the network adapter, load balance, and 
specify DNS servers. 


Volume 3: Proxies and Proxy Servicess 


Volume 3 describes the proxies and proxy services 
available. Separate chapters describe each of the 
various kinds of proxies. 


Volume 4: Web Communication Proxies 


Application proxies, such as IM and streaming, are 
discussed in this volume. 
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Table 3-1 . Volume Organization (Continued) 



Volume Title 


Description 


Volume 5: Securing the ProxySG 


Enabling and maintaining security on the ProxySG is 
discussed in this volume. 

Blue Coat supports a number of kinds of 
authentication, discussed here: LDAP, IWA, RADIUS, 
Local, Certificate (which allows you to authenticate 
using certificates), policy substitution, COREid, 
Netegrity, and Sequence (which allows you to 
authenticate using multiple authentication servers). 

Also discussed in this volume is the ProxySG BCAAA 
agent. 


Volume 6: Advanced Networking 


Topics discussed in this volume are networkings tasks: 
setting failover, TCP-IP, attack detection, WCCP, and 
the Routing Information Protocol (RIP). Commands 
supported for the RIP configuration text file are 
discussed in the appendix. 

Health Checks, forwarding, and managing bandwidth 
are also discussed in this volume. 


Volume 7: VPM and Advanced Policy 


Discussed in this volume are: 

• Four policy files are used to manage policy: 
Central, Local, Visual Policy Manager, and 
Forwarding. T. 

• Pop-up ad blocking, managing active content, and 
creating exceptions. 

• This volume also contains a reference guide and 
several tutorials for using the Visual Policy 
Manager. 


Volume 8: Managing Content 


This volume discusses how to configure and use the 
ProxySG's content filtering capabilities, as well as 
configuring and using content filtering vendors to 
work with the ProxySG. 

External Services (ICAP and Websense off-box) are 
also found in this volume. 


Volume 9: Access Logging 


Log formats, upload clients, upload schedules, and 
protocols are discussed in this volume. 

In the Access Log Formats appendix, ELFF, SQUID, 
NCSA/Common, and custom logs are discussed. 


Volume 10: Managing the ProxySG 


This volume discusses upgrading the system and 
configuring event logs, SMNP, STMP, heartbeats, and 
core images, as well as diagnostics. 

Health Monitoring, new in this release, is discussed in 
this volume. 

The statistics chapter discusses viewing various kinds 
of statistics — system usage, efficiency, resources, and 
logs of all kinds. 
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Table 3-1 . Volume Organization (Continued) 



Volume Title 


Description 


Volume 11: ProxySG Content Policy Language 
Guide 


This volume discusses using Content Policy Language 
(CPL) to create and manage policies on the ProxySG. 


Volume 12: ProxySG Command Line Reference 


This is a reference, in man-page format, of all the CLI 
commands supported by SGOS. 



Note: The Blue Coat ProxySG Configuration and Management Guide suite and the online help 
contain the same information but are not identical. For the latest information, refer to the 
Bine Coat ProxySG Configuration and Management Guide documentation suite. 



Related Blue Coat Documentation 

□ Blue Coat 200 Series Installation Guide 

□ Blue Coat SG 410 Installation Guide 

□ Blue Coat SG810 Installation Guide 



□ Blue Coat SG8100 Installation Guide 



Document Conventions 

The following section lists the typographical and Command Line Interface (CLI) syntax 
conventions used in this manual. 



Table 3-2. Document Conventions 



Conventions 


Definition 


Italics 


The first use of a new or Blue Coat-proprietary term. 


Courier font 


Command line text that appears on your administrator workstation. 


Courier Italics 


A command line variable that is to be substituted with a literal name or value 
pertaining to the appropriate facet of your network system. 


Courier Boldface 


A ProxySG literal to be entered as shown. 


{ } 


One of the parameters enclosed within the braces must be supplied 


[ ] 


An optional parameter or parameters. 


1 


Either the parameter before or after the pipe character can or must be selected, 
but not both. 
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Chapter 4: Master Table of Contents 



This chapter contains the table of contents for each of the eleven remaining books in the 12 volume Blue Coat 
Proxy SG Configuration and Management Guide Suite. The table of contents for this book. Volume 2: Introduction to 
the ProxySG, is in the front of this book, following the cover. 
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The top-level tasks you need to carry out to customize the ProxySG to your 

environment are: 

a "Placing the ProxySG in a Network" on page 59 

□ "Initial Setup" on page 60 

a "Simple Policy" on page 60 

□ "Implementing Policies" on page 60 

□ "Managing the ProxySG" on page 61 

□ "Managing the Proxy AV" on page 61 

□ "Troubleshooting" on page 61 

This chapter also includes a task list that provides pointers in the documentation. 

Placing the ProxySG in a Network 

To install a ProxySG into a network, the network must be set up to present the ProxySG 

with traffic to control. 

□ Explicit Proxy: All the ProxySG needs is IP address connectivity to the network; 
browsers must be configured to point to the ProxySG through a PAC file. 

□ Transparent Proxy: The majority of networks use transparent proxy. Transparent 
proxying occurs when the ProxySG receives traffic destined for Origin Content 
Servers (OCS) and terminates the traffic, then initiates the same request to the OCS. 

• Bridging: With this configuration, you do not have to make router or L4 switch 
configuration changes. The ProxySG is placed inline on a segment of the 
network where all outgoing traffic flows; one Ethernet interface is connected to 
the internal network, the other Ethernet interface is connected to the Internet. 
The ProxySG terminates all traffic on the service ports in which the proxy has 
been configured and sends the request to the outside OCS. All other traffic is 
bridged between the two Ethernet interfaces. 

Note that this configuration, without using policy controls, can lead to an open 
proxy. An open proxy results when traffic is allowed on the outside (Internet) 
interface because users are accessing internal Web servers behind the proxy. 

• WCCP: If the site has Cisco routers, WCCP can be used to direct certain TCP/ 
IP connections to the ProxySG. TCP/IP ports to forward to the ProxySG are 
communicated between ProxySG appliances and the Cisco routers. Typically, 
this is enforced on the outgoing interface on the Cisco router. 

• L4 switching: Similar to WCCP, the L4 switch is configured to forward traffic 
for specific TCP/IP ports to the attached ProxySG. 
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Initial Setup 

The ProxySG must be initially configured before it operates on a network. This can be 
done through the front panel (if applicable) or the serial console. The initial setup sets not 
only the IP address, but enable and console passwords. Once completed, the ProxySG can 
be managed through the serial console, SSH, or HTTPS at port 8082. Information on 
setting up the ProxySG is in the Quick Start Guide and Installation Guide for your 
platform. 

Simple Policy 

The default policy on new ProxySG appliances is to deny everything. To test initial setup, 
you can create a policy of ALLOW, along with changing access logging to log to the 
default logs. If the ProxySG is correctly set up, Web browsers can surf the Internet and all 
transactions are logged. Once the ProxySG setup is verified, the policy should again be set 
to DENY, unless otherwise required. 

If the policy is set to allow everything and a bridged configuration is used, clients can 
send a connection request for any port, including e-mail, using the proxy to send spam. 
This is called an open proxy and usually results in performance slowdowns (among other 
things). 

To prevent the ProxySG from becoming an open proxy in a bridged configuration if you 
must use an ALLOW configuration, add the following policy to the end of the local policy: 

define subnet Trusted_Clients 
10 . 0 . 0 . 0/8 
end subnet 

define subnet Trusted_Servers 
216 . 52 . 23 . 0/24 
end subnet 

<Proxy> 

client . address = Trusted_Clients OK ; Policy below applies 
proxy . address = Trusted_Servers OK ; Policy below applies 
FORCE_DENY ; Force a denial for everything else 

<Proxy> 

; Add other allow or deny rules here 
; Example: Allow all traffic not denied above 
ALLOW 

Implementing Policies 

Once the basic system is set up, you need to decide which controls — policies — to put in 
place. Typically, the following are configured on the system: 

□ Proxy caching (HTTP, FTP, Streaming) 

□ Authentication/ single sign-on 

□ Access control policy 

□ Content filtering 

□ Web anti-virus 

Implementing policies is a two-step process: 

□ Configure the feature; for example, choose Blue Coat Web Filter (BCWF) or another 
content filtering vendor, enable it, and schedule downloads of the database. 
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□ Create policy through the graphical Visual Policy Manager (VPM) or through the 
Content Policy Language (CPL). 

Managing the ProxySG 

Once the configuration and policy on the ProxySG are set, you should know how to 
evaluate the current operating state. This can include reviewing event log messages, 
utilizing SNMP, or diagnostics such as CPU utilization. 

□ Archive a configuration file: Volume 2: Getting Started 

□ Upgrade the system: Volume 10: Managing the ProxySG 

□ Set up event logging: Volume 10: Managing the ProxySG 

□ Configure SNMP: Volume 10: Managing the ProxySG 

□ Understand Diagnostics: Volume 10: Managing the ProxySG 

Managing the ProxyAV 

The ProxySG with ProxyAV™ integration is a high-performance Web anti-virus (AV) 
solution. For most enterprises, Web applications and traffic are mission-critical, 
representing 90% of the total Internet traffic. 

By deploying the ProxySG/ProxyAV solution, you gain performance and scalability (up 
to 250+ Mbps HTTP throughput), along with Web content control. 

For information on managing the ProxyAV, refer to the Blue Coat ProxyAV Configuration 
and Management Guide. 

Troubleshooting 

Use the access logs, event logs, and packet captures to check connections and view traffic 
passing through the ProxySG. Use policy tracing to troubleshoot policy. Note that policy 
tracing is global; that is, it records every policy-related event in every layer. Turning on 
policy tracing of any kind is expensive in terms of system resource usage and slows down 
the ProxySG's ability to handle traffic. 

□ Policy tracing: For information on using policy tracing, refer to Volume 7: VPM and 
Advanced Policy. 

□ Access Logs: For information on configuring and using access logs, refer to Volume 9: 
Access Logging. 

□ Event logs: For information on using event logs, refer to Volume 10: Managing the 
ProxySG. 

□ Packet capture: For information on using the PCAP utility, refer to Volume 10: 
Managing the ProxySG. 
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Task Tables 

The tables below refer to the sections in the manuals that describe the top-level tasks to 
customize the ProxySG to your environment. The tables are listed in alphabetical order 
(for example, access logging, authentication, bridging, caching, and so on). 

Table 5.1 : Access Logging 



Task 


Reference 


Configure access logging with 

• Blue Coat Reporter 

• SurfControl Reporter 

• Websense Reporter 


• Blue Coat Reporter: Chapter 3, "Creating the First 
Profile," Blue Coat Reporter Configuration and 
Management Guide 

• SurfControl Reporter: Volume 8: Managing Content 

• Websense Reporter: Volume 8: Managing Content 



Table 5.2: Anti-Virus 



Task 


Reference 


Block Web viruses using ProxyAV 


Volume 8: Managing Content 


Set up anti-virus filtering 


Blue Coat ProxyAV Configuration and Management Guide 



Table 5.3: Authentication 



Task 


Reference 


Achieve single sign-on with IWA (formerly 
NTLM) 


Volume 5: Securing the ProxySG 


Select the right authentication mode 


Volume 5: Securing the ProxySG 


Install the Blue Coat authentication/ 
authorization agent to work with IWA (formerly 
NTLM) 


Volume 5: Securing the ProxySG 


Configure authentication to work with an 
existing authentication service 


Volume 5: Securing the ProxySG 


Set up authentication schemes and use them in 
policy 


Volume 5: Securing the ProxySG 



Table 5.4: Bridging 



Task 


Reference 


Configure bridging (hardware or software) 


Volume 2: Getting Started 


Allow those from outside a bridged deployment 
to get to internal servers 


Volume 3: Proxies and Proxy Services 
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Table 5.5: Caching 



Task 


Reference 


Disable caching 


Volume 3: Proxies and Proxy Services 



Table 5.6: HTTP 



Task 


Reference 


Redirect HTTP with WCCP 


Volume 3: Proxies and Proxy Services 



Table 5.7: HTTPS 



Task 


Reference 


Create a transparent HTTPS service 


Volume 3: Proxies and Proxy Services 



Table 5.8: Instant Messaging 



Task 


Reference 


Allow, block, and control the supported Instant 
Messaging clients 


Volume 4: Web Communication Proxies 



Table 5.9: Management 



Task 


Reference 


Get the Management Console to work 


Volume 2: Getting Started 


Manage the System: 

• License the system 

• Back up the configuration 

• View statistics 
® Resources 
® Efficiency 

• SNMP monitoring 


• Volume 2: Getting Started 

• Volume 2: Getting Started 

• Volume 10: Managing the ProxySG 

• Volume 10: Managing the ProxySG 

• Volume 10: Managing the ProxySG 

• Volume 10: Managing the ProxySG 



Table 5.10: Policy 



Task 


Reference 


Set up authentication schemes and use them in 
policy 


Volume 5: Securing the ProxySG 


Limit network access and configuring 
compliance pages 


Volume 5: Securing the ProxySG 


Block unwanted content 


Volume 5: Securing the ProxySG 
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Table 5.10: Policy 



Change policy default 


Volume 7: VPM and Advanced Policy 


Write policy using the Visual Policy Manager 
(VPM) 


Volume 7: VPM and Advanced Policy 


Write policy using the Content Policy Language 
(CPL) 


Blue Coat ProxySG Content Policy Language Guide 



Table 5.11: Proxies 



Task 


Reference 


Determine the best type of proxy for the 
environment 


Volume 3: Proxies and Proxy Services 


Set up HTTPS Reverse Proxy 


Volume 3: Proxies and Proxy Services 


Get traffic to the proxy 


Volume 3: Proxies and Proxy Services 



Table 5.12: Reporter, Blue Coat 



Task 


Reference 


Make Blue Coat Reporter work with access 
logging 


Blue Coat Reporter: Chapter 3, "Creating the First 
Profile," Blue Coat Reporter Configuration and 
Management Guide 


Use Scheduler to set up report generation 


Chapter 3, "Using Scheduler," in the Blue Coat Reporter 
Configuration and Management Guide 


Generate specific reports for specific people 


Blue Coat Reporter Configuration and Management Guide 



Table 5.13: Reporter, SurfControl 



Task 


Reference 


Configure SurfControl Reporter 


Volume 8: Managing Content 



Table 5.14: Reporter, Websense 



Task 


Reference 


Configure Websense Reporter 


Volume 8: Managing Content 



Table 5.15: Services 



Task 


Reference 


Create a port service 


Volume 3: Proxies and Proxy Services 
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Table 5.16: Streaming 



Task 


Reference 


Control streaming protocols 


Volume 4: Web Communication Proxies 



Table 5.17: WCCP 



Task 


Reference 


Configure WCCP for multiple ports 


Volume 6: Advanced Netzvorking 


Redirect HTTP with WCCP 


Volume 6: Advanced Netzvorking 


Configure the home-router IP 


Volume 6: Advanced Netzvorking 


Configure multiple home-routers 


Volume 6: Advanced Netzvorking 


Configure a multicast address as the proxy's 
home router 


Volume 6: Advanced Netzvorking 
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Third Party Copyright Notices 



Blue Coat Systems, Inc. utilizes third party software from various sources. Portions of this software are copyrighted by their respective owners as 
indicated in the copyright notices below. 

The following lists the copyright notices for: 

BPF 

Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996 
The Regents of the University of California. All rights reserved. 

Redistribution and use in source and binary forms, with or without modification, are permitted provided that: (1) source code distributions retain the 
above copyright notice and this paragraph in its entirety, (2) distributions including binary code include the above copyright notice and this paragraph 
in its entirety in the documentation or other materials provided with the distribution, and (3) all advertising materials mentioning features or use of this 
software display the following acknowledgement: 

This product includes software developed by the University of California, Lawrence Berkeley Laboratory and its contributors. 

Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without 
specific prior written permission. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, 
INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 

DES 

Software DES functions written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from the 1977 public-domain program by Jim Gillogly. 

EXPAT 

Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd. 

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal 
in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/ or sell copies 
of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE 
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF 
CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 
IN THE SOFTWARE. 

Finjan Software 

Copyright (c) 2003 Finjan Software, Inc. All rights reserved. 

Flowerfire 

Copyright (c) 1996-2002 Greg Ferrar 
ISODE 

ISODE 8.0 NOTICE 

Acquisition, use, and distribution of this module and related materials are subject 
User's Manual for the full terms of this agreement. 

4BSD /ISODE SMP NOTICE 

Acquisition, use, and distribution of this module and related materials are subject 
UNIX is a registered trademark in the US and other countries, licensed exclusively through X/Open Company Ltd. 

MD5 

RSA Data Security, Inc. MD5 Message-Digest Algorithm 

Copyright (c) 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved. 

License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD5 Message-Digest Algorithm" in all 
material mentioning or referencing this software or this function. 

License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Data Security, Inc. MD5 
Message-Digest Algorithm" in all material mentioning or referencing the derived work. 

RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any 
particular purpose. It is provided "as is" without express or implied warranty of any kind. 

THE BEER-WARE LICENSE" (Revision 42): 

< phk@FreeBSD.org <mailto:phk@FreeBSD.org> > wrote this file. As long as you retain this notice you can do whatever you want with this stuff. If we 
meet some day, and you think this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp 

Microsoft Windows Media Streaming 

Copyright (c) 2003 Microsoft Corporation. All rights reserved. 

OpenLDAP 

Copyright (c) 1999-2001 The OpenLDAP Foundation, Redwood City, California, USA. All Rights Reserved. Permission to copy and distribute verbatim 
copies of this document is granted. 

http:/ / www.openldap.org/ software/ release/ license.html 
The OpenLDAP Public License Version 2.7, 7 September 2001 



to the restrictions of a license agreement. Consult the Preface in the 



to the restrictions given in the file SMP-READ-ME. 



Redistribution and use of this software and associated documentation ("Software"), with or without modification, are permitted provided that the 
following conditions are met: 

1. Redistributions of source code must retain copyright statements and notices, 

2. Redistributions in binary form must reproduce applicable copyright statements and notices, this list of conditions, and the following disclaimer in the 
documentation and/ or other materials provided with the distribution, and 

3. Redistributions must contain a verbatim copy of this document. 

The OpenLDAP Foundation may revise this license from time to time. Each revision is distinguished by a version number. You may use this Software 
under terms of this license revision or under the terms of any subsequent revision of the license. 

THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS CONTRIBUTORS "AS IS" AND ANY EXPRESSED OR IMPLIED 
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPENLDAP FOUNDATION, ITS CONTRIBUTORS, OR THE AUTHOR(S) OR OWNER(S) 
OF THE SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
POSSIBILITY OF SUCH DAMAGE. 

The names of the authors and copyright holders must not be used in advertising or otherwise to promote the sale, use or other dealing in this Software 
without specific, written prior permission. Title to copyright in this Software shall at all times remain with copyright holders. 

OpenLDAP is a registered trademark of the OpenLDAP Foundation. 

OpenSSH 

Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland. All rights reserved 
This file is part of the OpenSSH software. 

The licences which components of this software fall under are as follows. First, we will summarize and say that all components are under a BSD licence, 
or a licence more free than that. 

OpenSSH contains no GPL code. 

1) As far as I am concerned, the code I have written for this software can be used freely for any purpose. Any derived versions of this software must be 
clearly marked as such, and if the derived work is incompatible with the protocol description in the RFC file, it must be called by a name other than "ssh" 
or "Secure Shell". 

[Tatu continues] 

However, I am not implying to give any licenses to any patents or copyrights held by third parties, and the software includes parts that are not under 
my direct control. As far as I know, all included source code is used in accordance with the relevant license agreements and can be used freely for any 
purpose (the GNU license being the most restrictive); see below for details. 

[However, none of that term is relevant at this point in time. All of these restrictively licenced software components which he talks about have been 
removed from OpenSSH, i.e., 

- RSA is no longer included, found in the OpenSSL library 

- IDEA is no longer included, its use is deprecated 

- DES is now external, in the OpenSSL library 

- GMP is no longer used, and instead we call BN code from OpenSSL 

- Zlib is now external, in a library 

- The make-ssh-known-hosts script is no longer included 

- TSS has been removed 

- MD5 is now external, in the OpenSSL library 

- RC4 support has been replaced with ARC4 support from OpenSSL 

- Blowfish is now external, in the OpenSSL library 
[The licence continues] 

Note that any information and cryptographic algorithms used in this software are publicly available on the Internet and at any major bookstore, 
scientific library, and patent office worldwide. More information can be found e.g. at "http://www.cs.hut.fi/ crypto". 

The legal status of this program is some combination of all these permissions and restrictions. Use only at your own responsibility. You will be 
responsible for any legal consequences yourself; I am not making any claims whether possessing or using this is legal or not in your country, and I am 
not taking any responsibility on your behalf. 

NO WARRANTY 

BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY 
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE 
PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE 
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND 
PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL 
NECESSARY SERVICING, REPAIR OR CORRECTION. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED 
ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED 
INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 

2) The 32-bit CRC compensation attack detector in deattack.c was contributed by CORE SDI S.A. under a BSD-style license. 

Cryptographic attack detector for ssh - source code 

Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. All rights reserved. Redistribution and use in source and binary forms, with or without 
modification, are permitted provided that this copyright notice is retained. THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR 
IMPLIED WARRANTIES ARE DISCLAIMED. IN NO EVENT SHALL CORE SDI S.A. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 
SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF THIS SOFTWARE. 




Ariel Futoransky <futo@core-sdi.com> <http://www.core-sdi.com> 

3) ssh-keygen was contributed by David Mazieres under a BSD-style license. 

Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. Modification and redistribution in source and binary forms is permitted provided that due 
credit is given to the author and the OpenBSD project by leaving this copyright notice intact. 

4) The Rijndael implementation by Vincent Rijmen, Antoon Bosselaers and Paulo Barreto is in the public domain and distributed with the following 
license: 

@version 3.0 (December 2000) 

Optimised ANSI C code for the Rijndael cipher (now AES) 

@author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> 

@author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> 

@author Paulo Barreto <paulo.barreto@terra.com.br> 

This code is hereby placed in the public domain. 

THIS SOFTWARE IS PROVIDED BY THE AUTHORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT 
SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
STRICT LIABILHY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, 
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 

5) One component of the ssh source code is under a 3-clause BSD license, held by the University of California, since we pulled these parts from original 
Berkeley code. 

Copyright (c) 1983, 1990, 1992, 1993, 1995 

The Regents of the University of California. All rights reserved. 



Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation 
and/ or other materials provided with the distribution. 

3. Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without 
specific prior written permission. 

THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
STRICT LIABILHY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, 
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 

6) Remaining components of the software are provided under a standard 2-term BSD licence with the following names as copyright holders: 

Markus Friedl 
Theo de Raadt 
Niels Provos 
Dug Song 
Aaron Campbell 
Damien Miller 
Kevin Steves 
Daniel Kouril 
Wesley Griffin 
Per Allansson 
Nils Nordman 
Simon Wilkinson 

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation 
and/ or other materials provided with the distribution. 

THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT 
SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFHS; OR BUSINESS 
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
POSSIBILITY OF SUCH DAMAGE. 

OpenSSL 

Copyright (c) 1995-1998 Eric Young ( eay@cryptsoft.com ). All rights reserved. 
http://www.openssl.org/ about/ 
http:/ / www. openssl.org/ about/ 



OpenSSL is based on the excellent SSLeay library developed by Eric A. Young <mailto:eay@cryptsoft.com> and Tim J. Hudson 
<mailto:tjh@cryptsoft.com> . 

The OpenSSL toolkit is licensed under a Apache-style license which basically means that you are free to get and use it for commercial and non- 
commercial purposes. 

This package is an SSL implementation written by Eric Young ( eav @crvptsof t. com) . The implementation was written so as to conform with Netscapes 
SSL. 

This library is free for commercial and non-commercial use as long as the following conditions are adhered to. The following conditions apply to all 
code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution 
is covered by the same copyright terms except that the holder is Tim Hudson ( tjh@cryptsoft.comL 

Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young 
should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in 
documentation (online or textual) provided with the package. 

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 

1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer. 

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation 
and/ or other materials provided with the distribution. 

3. All advertising materials mentioning features or use of this software must display the following acknowledgement: "This product includes 
cryptographic software written by Eric Young (eay@cryptsoft.com)" The word 'cryptographic' can be left out if the routines from the library being used 
are not cryptographic related :-). 

4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: 
"This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 

THIS SOFTWARE IS PROVIDED BY ERIC YOUNG "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 
THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 
OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 
TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
POSSIBILITY OF SUCH DAMAGE. 

The license and distribution terms for any publicly available version or derivative of this code cannot be changed, i.e. this code cannot simply be copied 
and put under another distribution license [including the GNU Public License.] 

Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation 
and/ or other materials provided with the distribution. 

3. All advertising materials mentioning features or use of this software must display the following acknowledgment: 

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit, (http:/ /www.openssl.org/)" 

4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior 
written permission. For written permission, please contact openssl-core@openssl.org. 

5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the 
OpenSSL Project. 

6. Redistributions of any form whatsoever must retain the following acknowledgment: "This product includes software developed by the OpenSSL 
Project for use in the OpenSSL Toolkit (http:/ /www.openssl.org/)" 

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO 
EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson 
(tjh@cryptsoft.com). 

PCRE 

Copyright (c) 1997-2001 University of Cambridge 

University of Cambridge Computing Service, Cambridge, England. Phone: +44 1223 334714. 

Written by: Philip Hazel <phlO@cam.ac.uk> 

Permission is granted to anyone to use this software for any purpose on any computer system, and to redistribute it freely, subject to the following 
restrictions: 

1. This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of 
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 

2. Regular expression support is provided by the PCRE library package, which is open source software, written by Philip Hazel, and copyright by the 
University of Cambridge, England. 

ftp: / / ftp.csx.cam.ac.uk/ pub/ software/ programming/ pcre/ 

PHAOS SSLava and SSLavaThin 

Copyright (c) 1996-2003 Phaos Technology Corporation. All Rights Reserved. 

The software contains commercially valuable proprietary products of Phaos which have been secretly developed by Phaos, the design and development 
of which have involved expenditure of substantial amounts of money and the use of skilled development experts over substantial periods of time. The 
software and any portions or copies thereof shall at all times remain the property of Phaos. 



PHAOS MAKES NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTY OF 
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, REGARDING THE SOFTWARE, OR ITS USE AND OPERATION ALONE OR IN 
COMBINATION WITH ANY OTHER SOFTWARE. 

PHAOS SHALL NOT BE LIABLE TO THE OTHER OR ANY OTHER PERSON CLAIMING DAMAGES AS A RESULT OF THE USE OF ANY 
PRODUCT OR SOFTWARE FOR ANY DAMAGES WHATSOEVER. IN NO EVENT WILL PHAOS BE LIABLE FOR SPECIAL, INCIDENTAL OR 
CONSEQUENTIAL DAMAGES, EVEN IF ADVISED OF THE POSSIBLITY OF SUCH DAMAGES. 

RealSystem 

The RealNetworks® RealProxy™ Server is included under license from RealNetworks, Inc. Copyright 1996-1999, RealNetworks, Inc. All rights 
reserved. 

SNMP 

Copyright (C) 1992-2001 by SNMP Research, Incorporated. 

This software is furnished under a license and may be used and copied only in accordance with the terms of such license and with the inclusion of the 
above copyright notice. This software or any other copies thereof may not be provided or otherwise made available to any other person. No title to and 
ownership of the software is hereby transferred. The information in this software is subject to change without notice and should not be construed as a 
commitment by SNMP Research, Incorporated. 

Restricted Rights Legend: 

Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c)(l)(ii) of the Rights in Technical Data and 
Computer Software clause at DFARS 252.227-7013; subparagraphs (c)(4) and (d) of the Commercial Computer Software-Restricted Rights Clause, FAR 
52.227-19; and in similar clauses in the NASA FAR Supplement and other corresponding governmental regulations. 

PROPRIETARY NOTICE 

This software is an unpublished work subject to a confidentiality agreement and is protected by copyright and trade secret law. Unauthorized copying, 
redistribution or other use of this work is prohibited. The above notice of copyright on this source code product does not indicate any actual or intended 
publication of such source code. 

STLport 

Copyright (c) 1999, 2000 Boris Fomitchev 

This material is provided "as is", with absolutely no warranty expressed or implied. Any use is at your own risk. 

Permission to use or copy this software for any purpose is hereby granted without fee, provided the above notices are retained on all copies. Permission 
to modify the code and to distribute modified code is granted, provided the above notices are retained, and a notice that the code was modified is 
included with the above copyright notice. 

The code has been modified. 

Copyright (c) 1994 Hewlett-Packard Company 

Copyright (c) 1996-1999 Silicon Graphics Computer Systems, Inc. 

Copyright (c) 1997 Moscow Center for SPARC Technology 

Permission to use, copy, modify, distribute and sell this software and its documentation for any purpose is hereby granted without fee, provided that the 
above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation. Hewlett- 
Packard Company makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied 
warranty. 

Permission to use, copy, modify, distribute and sell this software and its documentation for any purpose is hereby granted without fee, provided that the 
above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation. Silicon 
Graphics makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. 
Permission to use, copy, modify, distribute and sell this software and its documentation for any purpose is hereby granted without fee, provided that the 
above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation. Moscow 
Center for SPARC Technology makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or 
implied warranty. 

SmartFilter 

Copyright (c) 2003 Secure Computing Corporation. All rights reserved. 

SurfControl 

Copyright (c) 2003 SurfControl, Inc. All rights reserved. 

Symantec AntiVirus Scan Engine 

Copyright (c) 2003 Symantec Corporation. All rights reserved. 

TCPIP 

Some of the files in this project were derived from the 4.X BSD (Berkeley Software Distribution) source. 

Their copyright header follows: 

Copyright (c) 1982, 1986, 1988, 1990, 1993, 1994, 1995 

The Regents of the University of California. All rights reserved. 

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 

1 . Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation 
and/ or other materials provided with the distribution. 

3. All advertising materials mentioning features or use of this software must display the following acknowledgement: 

This product includes software developed by the University of California, Berkeley and its contributors. 

4. Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without 
specific prior written permission. 

THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 




CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
STRICT LIABILHY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, 
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 

Trend Micro 

Copyright (c) 1989-2003 Trend Micro, Inc. All rights reserved, 
zlib 

Copyright (c) 2003 by the Open Source Initiative 

This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the 
use of this software. 

ICU License - ICU 1.8.1 and later COPYRIGHT AND PERMISSION NOTICE Copyright (c) 1995-2003 International Business Machines Corporation and 
others All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation 
files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, 
and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, provided that the above copyright notice(s) and 
this permission notice appear in all copies of the Software and that both the above copyright notice(s) and this permission notice appear in supporting 
documentation. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT 
LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD 
PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR 
ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR 
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION 
WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. Except as contained in this notice, the name of a copyright holder shall not be used in 
advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization of the copyright holder 



